29A Issue 02 02 11

Published in

· 4 years ago

  

 Stupid descriptions 
 ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ> 
                                                                Rajaat / 29A 

 Ok, guys. It goes  like this... ;-) Try to find  some description of one of 
 your viruses on the Internet that is such an error that it is plainly visi- 
 ble even to people that  don't understand as much about viruses as the ave- 
 rage 29A magazine reader is  doing. Append it at the  end of  the text file 
 and send it  around  the rest of the  people... If it's hilarious enough we 
 can also include people from outside 29A, but I think this is really a joke 
 ;-) I hope  you guys are in for it. Here are two  sad examples of how great 
 the virus analysts for Symantec are... 

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ->8 
 < Rajaat > April Fools? 

 (*) http://www.symantec.com/avcenter/data/rajaat.518_(1).html 

        VirusName:Rajaat.518 (1) 
        Aliases:none 
        Infection Length:N/A 
        Likelihood:rare 
        Regions Reported:N/A 
        Target Platform: 

        Description: 

        The Rajaat.518 (1) virus is smaller than average. It is 0 bytes 
        in length. It only infects .COM files. This virus can be caught 
        through e-mail, BBSes, or the Internet. This virus is 
        memory-resident. After the virus has been launched, it infects 
        other programs as they are accessed. This virus actively hides 
        itself while it is resident in memory. This virus has never been 
        encountered by our customers. This virus does not have any known 
        payload (that is, it does nothing other than replicate). It does 
        not employ encryption. It is called a multipartite virus. 
        Multipartite viruses can infect boot records as well as files. 
        Because of the nature of the Rajaat.518 (1) virus, Norton 
        AntiVirus is unable to repair infected files. To remove the 
        virus, delete and reinstall all infected files. 

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ->8 
 < Rajaat > And this is what Symantec has to say about my TSR Companion 
            virus (companion viruses do create COM files and don't touch 
            the EXE files themselves). 

 (*) http://www.symantec.com/avcenter/data/rajaat.287.html 

        VirusName:Rajaat.287 
        Aliases:none 
        Infection Length:287 
        Likelihood:rare 
        Regions Reported:N/A 
        Target Platform:COM files 

        Description: 

        The Rajaat.287 virus attaches 287 bytes to host files. This 
        virus only infects .COM files. It is a "direct action" virus. 
        The Rajaat.287 virus virus does not employ any "stealthing" 
        mechanisms. This virus has never been encountered by our 
        customers. This virus does not have any known payload (that is, 
        it does nothing other than replicate). This virus propagates 
        identical copies of itself. It infections cannot be repaired. 
        Delete all infected programs and replace them with clean copies. 

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ->8 

 
 Greetings, 
 Rajaat / 29A

29A Issue 02 02 11

Share this article

Let's discover also

29A Issue 01 01 05

29A Issue 02 01 02

29A Issue 03 01 02

29A Issue 03 01 01

29A Issue 02 01 03

29A Issue 02 03 03

29A Issue 03 03 07

29A Issue 02 01 01

29A Issue 03 01 04

29A Issue 02 02 08

Recent Articles

Pizzette al taglio

Melikki and the Song of the Whale

Die Bayrische Hackerpost Systems 85

Die Bayrische Hackerpost IFA85

Die Bayrische Hackerpost 13

Die Bayrische Hackerpost 12

Die Bayrische Hackerpost 11A

Die Bayrische Hackerpost 11

Die Bayrische Hackerpost 10

Die Bayrische Hackerpost 9

Recent Comments